Apple has rolled out iOS 18.3.1 and iPadOS 18.3.1, addressing a Zero-day vulnerability exploited in targeted extremely sophisticated attacks by taking advantage of disabling the USB-restricted mode. Apple’s USB Restricted Mode is a security feature that prevents unauthorized access to data…
Tag: Cyber Security News
8Base Ransomware Dark Web Site Seized, Four Operators Arrested
In a significant breakthrough against global cybercrime, Thai authorities announced today the arrest of four European nationals linked to the notorious 8Base ransomware group. The operation, codenamed “Phobos Aetor,” culminated in the seizure of the group’s dark web infrastructure and…
12K+ KerioControl Firewall Instances Vulnerable to 1-Click RCE Exploit
A critical security vulnerability, CVE-2024-52875, has been identified in GFI KerioControl firewalls, affecting versions 9.2.5 through 9.4.5. This flaw, which can be exploited for remote code execution (RCE), has already drawn significant attention from cybercriminals, with thousands of unpatched systems…
Microsoft SharePoint Connector Vulnerability Let Attackers Steal User’s Credentials
A critical server-side request forgery (SSRF) vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to harvest user credentials and impersonate victims across multiple services, including Power Apps, Power Automate, Copilot Studio, and Copilot 365. The patched flaw posed severe…
NetSupport RAT Grant Attackers Full Access To Victims Systems
Cybersecurity experts have observed a significant increase in the use of the NetSupport Remote Access Trojan (RAT) in recent months, a malicious tool that allows attackers to gain full control over compromised systems. This surge in activity has been linked…
Quishing via QR Codes Emerging As a Top Attack Vector Used by Hackers
QR codes have become an integral part of our digital lives, offering quick access to websites, services, and even payment systems. However, their widespread use has also made them a prime target for scammers. A new threat, known as “quishing,”…
LLM Hijackers Gained Stolen Access to DeepSeek-V3 Model Very Next Day After Release
With the release of DeepSeek-V3 on December 25, 2024, the number of LLMjacking attacks in the cybersecurity space has significantly increased. Within hours of its launch, malicious actors had compromised the model, integrating it into OpenAI Reverse Proxy (ORP) systems…
1M+ Malware Samples Analysis Reveal Application Layer Abused for Stealthy C2
A recent analysis of over 1 million malware samples unveiled a trend where adversaries increasingly exploit the Application Layer of the Open System Interconnection (OSI) model to conduct stealthy Command-and-Control (C2) operations. By leveraging trusted Application Layer Protocols, attackers are…
GitHub Copilot’s New Agent Mode Let Developers Autonomously Complete Coding Tasks
GitHub has unveiled a groundbreaking update to its AI-powered coding assistant, GitHub Copilot, with the introduction of Agent Mode. This new feature, available in preview for Visual Studio Code (VS Code) Insiders, empowers developers to autonomously complete complex coding tasks…
Cisco Hacked – Ransomware Group Allegedly Breach Internal Network & Gained AD Access
Cisco has reportedly fallen victim to a significant data breach, with sensitive credentials from its internal network and domain infrastructure leaked online. The breach is allegedly linked to the Kraken ransomware group, which has published a dataset on its dark…